Qoyod
Pricing

Knowledge Base

The Digital Signature in the E-Invoice: How It Works

A digital signature is the technical foundation that makes an e-invoice in Saudi Arabia trustworthy and tamper-proof. Instead of a paper stamp or a handwritten signature, e-invoicing relies on a mathematical process that proves the identity of the invoice issuer and guarantees that its content has not been altered after issuance. This guide explains the concept and how it works from the ground up: how encryption keys operate, how a digital signature proves authenticity and integrity, and what it actually guarantees and what it does not. The goal is to understand the general principle before you move on to its practical details within the requirements of the e-invoice in Qoyod.

Here we focus on the cryptographic principle itself. The actual output that appears inside the invoice according to ZATCA’s requirements (the fields, its position in the invoice file, its format) is explained in detail in a separate article on the cryptographic stamp in the e-invoice.

What is a digital signature?

A digital signature is a mathematical value computed from the content of a specific document using a private key held solely by the signature owner. Any other party can verify the validity of this signature using a published public key, but no one can forge it without possessing the private key.

A digital signature is not a scanned image of a handwritten signature, nor a name typed at the end of a document. It is a string of encrypted data tightly bound to the content of the document itself. If a single character in the invoice changes after it is signed, the signature immediately becomes invalid.

This difference is fundamental. A handwritten signature proves identity only, and it can be copied or imitated. A digital signature, by contrast, proves both identity and content integrity, and it is practically impossible to imitate as long as the private key is kept safe.

The problem the digital signature solves

Imagine an establishment that issues thousands of invoices every month. How does ZATCA confirm that every invoice was actually issued by the registered establishment, and that no one has altered its value or date after issuance? A paper signature does not work here, because the invoices are digital and are transmitted over the network.

A digital signature solves three fundamental problems in the world of digital documents:

  • Authentication: Confirming that the invoice issuer is truly who they claim to be, and not an impersonating party.
  • Integrity: Confirming that the invoice has not changed in any way since the moment it was signed.
  • Non-repudiation: Preventing the issuer from later denying an invoice they signed with their private key.

These three guarantees are what make an e-invoice a trustworthy legal document, not merely a file that anyone can edit. This is why ZATCA made the digital signature a mandatory pillar of the second phase of e-invoicing, as we explain in the article on the requirements of the second phase of the e-invoice.

Public-key cryptography: the cornerstone

To understand the digital signature, you must first understand the principle of public-key cryptography, known as Public Key Infrastructure (PKI). This principle is the basis of every modern digital signature.

In traditional encryption, a single key is used for both encryption and decryption. The problem is that both parties need to share the same key, which opens the door to leakage. Public-key cryptography solves this problem by using a pair of keys instead of a single key.

The key pair: private and public

Each party holds a pair of keys that are mathematically linked to each other:

  • Private Key: Kept completely secret by its owner and never shared with anyone. It is used to create the signature.
  • Public Key: Published openly and can be viewed by anyone. It is used to verify the signature.

The relationship between the two keys is a one-way mathematical relationship. What is signed with the private key can only be verified with the corresponding public key, and the reverse is practically impossible. That is, the private key cannot be derived from the public key no matter how hard you try.

This property is the source of the strength. Any party can verify your signature using your published public key, but no one can forge your signature because they do not hold your private key.

The key pair: private key versus public key
How the two keys work together in a digital signature.
Criterion Private key Public key
Secrecy Kept completely secret Published to everyone
Function Signs the invoice Verifies the signature
Relationship Not derived from the public key Does not reveal the private key
The private key signs, the public key verifies, and neither can be derived from the other.

Why can’t the process be reversed?

The robustness of this system relies on mathematical problems that are easy to compute in one direction and hard to compute in the reverse direction. For example, multiplying two large prime numbers is easy, but factoring the result back into its two prime factors is extremely hard and takes an enormous amount of time.

The modern algorithms used in e-invoicing rely on Elliptic Curve Cryptography, specifically the ECDSA signing algorithm. This algorithm provides the same level of security with shorter keys, which makes it faster and lighter to process. This matters when you sign thousands of invoices per day.

The hash function: the document’s fingerprint

Before we explain the signing mechanism, we need to understand another essential component: the hash function (hashing). A hash function is a mathematical algorithm that takes any amount of data and produces from it a fixed-length string called the hash value or digital fingerprint.

A good hash function has several properties that make it ideal for the digital signature:

  • Fixed length: Whether the input is a single word or an invoice with a thousand line items, the function produces a value of fixed length. The SHA-256 algorithm used in e-invoicing always produces 256 bits.
  • Sensitive to any change: Changing a single character in the input changes the hash value entirely in an unpredictable way.
  • One-way: It is impossible to recover the original data from the hash value.
  • Practically unique: It is virtually impossible for two different inputs to produce the same hash value.

Think of the hash function as a machine that grinds the document and produces a distinctive fingerprint for it. Any modification, however slight, produces a completely different fingerprint. This fingerprint is what is actually signed, not the full document, and this makes the process much faster.

How the SHA-256 hash function works
How any invoice is transformed into a fixed-length fingerprint.
1

An invoice of any size

2

SHA-256 hash function

3

A fixed 256-bit fingerprint

Any minor change in the invoice produces a completely different fingerprint.

How a digital signature works step by step

Now that we understand keys and hashing, we can assemble the full picture. The signing and verification process passes through two complementary stages: the creation stage at the issuer, and the verification stage at the recipient or ZATCA.

The creation stage at the issuer

When an establishment issues an invoice and wants to sign it digitally, the following steps run automatically inside the accounting system:

  • The system computes the hash value (the fingerprint) of the invoice content using the SHA-256 algorithm.
  • The system encrypts this fingerprint using the establishment’s private key. The encrypted result is the digital signature.
  • The signature is attached to the invoice and sent along with it, together with the public key that allows verification later.

Note that the private key never leaves the issuer’s environment. What is sent is only the invoice, the signature, and the public key. This protects the fundamental secret of the entire system.

The verification stage at the recipient

When the recipient or ZATCA receives the signed invoice, verification proceeds as follows:

  • The verifier computes the hash value of the received invoice using the same algorithm (SHA-256).
  • The verifier decrypts the attached signature using the issuer’s public key, extracting the original fingerprint that the issuer signed.
  • The verifier compares the two fingerprints: the one it computed itself, and the one it extracted from the signature.

If the two fingerprints match, this proves two things at once: that the invoice was truly issued by the holder of the private key (authentication), and that it has not changed since it was signed (content integrity). But if the two fingerprints differ, this means the invoice was modified after signing, or the signature is forged, and in both cases the invoice is rejected.

Notice how the two pieces complement each other in this process. The hash function alone detects any change in the content, but it does not prove who issued the invoice, since any party can compute a new fingerprint after modifying it. And public-key cryptography alone proves identity, but it is slow on large documents. Combining the two solves both problems: we sign the small fingerprint instead of the full document, thereby obtaining authentication and content integrity with high efficiency.

This very integration is what makes the digital signature practical for e-invoicing. An establishment that issues thousands of invoices per month needs a process that is fast and secure at the same time, which is exactly what this architecture provides.

Signing versus verification
Two complementary paths: the issuer signs and the recipient verifies.

The issuer (signs)

  • Computes the invoice fingerprint
  • Encrypts it with the private key
  • Attaches the signature to the invoice

The recipient/ZATCA (verifies)

  • Recomputes the fingerprint
  • Decrypts the signature with the public key
  • Matches: a match = a valid invoice
A match between the two fingerprints proves that the invoice is authentic and has not been modified.

What does a digital signature actually guarantee?

It is important to understand the limits of the digital signature precisely, so that guarantees it does not provide are not attributed to it. A digital signature guarantees the following:

  • That the invoice has not been tampered with: Any modification to the value, date, or line items of the invoice is detected immediately upon verification.
  • That the invoice issuer is the holder of the private key: As long as the private key is kept secret, no one can impersonate the issuer’s identity.
  • That the issuer cannot deny it: Since they alone hold the private key, they cannot repudiate an invoice they signed with it.

On the other hand, there are things that a digital signature alone does not guarantee, and it is a mistake to assume otherwise:

  • It does not guarantee content confidentiality: The signature proves integrity and identity, but it does not hide the content of the invoice. Encryption to conceal content is a separate process.
  • It does not guarantee the correctness of the data itself: The signature proves that the invoice has not changed, but it does not verify that the entered values are accounting- or regulation-wise correct. That is the issuer’s responsibility.
  • It does not protect if the private key is leaked: The security of the entire system relies on keeping the private key safe. If it is leaked, whoever obtains it can sign on behalf of its owner.

For this reason, accredited accounting systems take great care to store and manage private keys securely, away from any unauthorized access. Protecting the private key is not a minor technical detail; it is the first line of defense for the credibility of every invoice the establishment issues. Any negligence in this area undermines trust in the entire system, no matter how strong the algorithms used are.

From the digital signature to the digital certificate

A fundamental question remains: how does the verifier trust that the public key truly belongs to the establishment that claims to own it? Merely possessing a public key does not prove the identity of its owner. This is where the Digital Certificate and the Certificate Authority that issues it come in.

A digital certificate is an electronic document that links the public key to the identity of its owner, and it is issued by a trusted authority that verifies the identity before issuance. So when you receive a signed invoice, you do not trust the public key in itself; rather, you trust the certificate issued by the trusted authority that attests that this key belongs to that specific establishment.

In the context of Saudi e-invoicing, ZATCA issues a special certificate for each establishment called the Cryptographic Stamp Identifier (CSID). This identifier is the certificate that links the establishment’s public key to its identity registered with ZATCA, and it is used to sign every invoice in the production environment. We explain this concept in detail in the article on the CSID certificate: the cryptographic stamp identifier in the e-invoice.

And when the signed invoice is sent to ZATCA via the Fatoora platform, the system verifies the signature using the registered certificate, as part of the clearance or reporting process. Learn more about this process in the article on clearance in the e-invoice.

The chain of trust: from the key to the issuing authority

We understood that the digital certificate links the public key to the identity of its owner. But a deeper question arises: who vouches for the authority that issued the certificate itself? The answer lies in the concept of the chain of trust, which is a hierarchical structure that links each certificate to an authority above it until it reaches a trusted root authority.

The chain of trust works as follows. At the top there is a Root Authority that the entire system trusts in advance. This authority issues certificates to intermediate authorities, and the intermediate authorities in turn issue certificates to establishments. When a party verifies an establishment’s certificate, it traces the chain upward until it reaches the trusted root authority; if the chain is complete without interruption, the certificate is considered valid.

This hierarchical design is essential because it is practically impossible for every party to know every establishment in the market in advance. Instead, it is enough for everyone to trust a limited number of root authorities, and trust then propagates automatically to every certificate issued beneath them. In the context of e-invoicing, ZATCA represents the top of this chain, as it is the authority that issues establishments’ certificates and vouches for their validity.

The value of this design lies in its scalability. No matter how much the number of registered establishments grows, the number of trusted root authorities remains fixed and limited. This makes verification fast and reliable even with millions of invoices issued daily in the market. Every invoice carries enough information for the verifier to trace its chain upward and reach a verdict without needing a massive database of every establishment.

When does a certificate become invalid?

A digital certificate is not valid forever. It has a defined validity period, and it expires when that period lapses, so the establishment needs to renew it. A certificate can also be revoked before it expires if the private key associated with it is leaked or the establishment’s data changes. Upon revocation, the certificate is added to a revocation list that the system checks before accepting any signature.

This means that the validity of a signature does not depend on the correctness of the mathematical process alone, but also on the used certificate still being active and not revoked at the time of signing. Accredited accounting systems track the certificate’s validity and alert the establishment before it expires to avoid a halt in invoice issuance.

Why does this matter to every establishment?

A digital signature may seem like a purely technical topic that does not concern a business owner. The truth is the opposite. Understanding the principle, even at a general level, helps you make the right decisions about your accounting system and protect your establishment.

First, a digital signature protects your establishment legally. A signed invoice is undeniable evidence of a transaction that took place with a specific value and date. This protects you in commercial disputes and tax audits, because no party can claim that the invoice was forged or modified.

Second, a digital signature sets a criterion for choosing an accounting system. The system you choose must handle signing, key management, and certificate operations securely and efficiently. Choosing a non-compliant or insecure system exposes your establishment to having its invoices rejected by ZATCA, or worse, to having its private key leaked.

Third, a digital signature is part of a broader compliance system. And when you know who is obligated to apply the e-invoice, you realize that signing is not an option but a regulatory obligation on every covered establishment. And to learn how an accounting system achieves this compliance in practice, see the page second-phase readiness in Qoyod.

The practical takeaway is that a digital signature is a technology that works in the background, yet it directly protects your establishment’s interests. All you need is a trustworthy accounting system that handles its complexities on your behalf, so you can devote yourself to running your business.

The digital signature in the context of Saudi e-invoicing

Everything we have explained of cryptographic principles applies directly to e-invoicing in Saudi Arabia. ZATCA made the digital signature mandatory in the second phase, which requires signing every invoice with a cryptographic stamp before it is approved.

In practice, when issuing an invoice in the second phase, the system computes the invoice fingerprint, signs it with the private key associated with the establishment’s certificate, then generates the QR code that contains the signature data, the fingerprint, and the public key. This output visible inside the invoice is what we call the cryptographic stamp.

The important distinction is that the digital signature is the principle and the mechanism, while the cryptographic stamp is the actual application of this principle inside the invoice structure according to ZATCA’s specifications. To understand the output in detail and its position inside the invoice, see the article on the cryptographic stamp in the e-invoice. And if you are still building your basic understanding, start from the article on what is an e-invoice?.

Start today

Digitally signed invoices compliant with the second phase

Qoyod handles signing every invoice with the cryptographic stamp, generating the QR code, and sending it to the Fatoora platform, without you dealing with any technical details. Start your free trial now.

Start your free trial and sign your invoices automatically

How Qoyod helps you sign your invoices digitally

The cryptographic principles we explained are complex, but Qoyod hides them all behind a simple interface. As an accounting system compliant with the second phase of e-invoicing, Qoyod handles the technical side entirely on your behalf:

  • Signing every invoice with the cryptographic stamp automatically: Qoyod computes the invoice fingerprint and signs it with the establishment’s key associated with its certificate, without any manual step from you.
  • Generating a compliant QR code: Qoyod creates the QR code in the required TLV format, including the signature data, the fingerprint, and the public key.
  • Managing the cryptographic stamp certificate (CSID): Qoyod handles the establishment’s certificate used to sign invoices in the production environment.
  • Generating an XML file in UBL 2.1 format: Qoyod creates the invoice file in the technical format required by ZATCA, with the linking chain between invoices.
  • Sending the invoice to the Fatoora platform: Qoyod connects your invoices to the Fatoora platform for clearance (B2B) or reporting (B2C) within the regulatory periods.

Important note: Entering the second phase requires registering your establishment’s certificate with ZATCA, a step the establishment carries out itself via the Fatoora platform, and Qoyod guides you through it. After registration, Qoyod handles everything else automatically with every invoice.

Try Qoyod free for 14 days, no credit card required.

Frequently asked questions about the digital signature

What is the difference between a digital signature and an electronic signature?

An electronic signature is a broad concept that includes any electronic means of approval, such as typing a name or clicking an “I agree” button. A digital signature, on the other hand, is a specific type that relies on key-based cryptography and provides authentication and content integrity mathematically. Every digital signature is an electronic signature, but the reverse is not true.

Can a digital signature be forged?

Practically no, as long as the private key is kept secret. Forging the signature requires possessing the private key or solving a mathematical problem whose solution would take longer than the lifetime of current computing systems. The only realistic risk is the leakage of the private key, which is why keys are stored with great care.

What is the relationship between the digital signature and the cryptographic stamp?

The cryptographic stamp is the actual application of the digital signature inside the e-invoice according to ZATCA’s specifications. The digital signature is the general cryptographic principle, and the cryptographic stamp is the output that appears in the invoice and the QR code.

Do I need to understand cryptography to issue a signed invoice?

No. A compliant accounting system like Qoyod handles all cryptographic operations automatically behind the scenes. You only enter the invoice data, and the system handles the signing, generating the QR code, and sending it to the Fatoora platform.

Which signing algorithm is used in Saudi e-invoicing?

Saudi e-invoicing relies on the ECDSA signing algorithm based on elliptic curves, together with the SHA-256 hash function to compute the invoice fingerprint. These algorithms provide high security with processing efficiency suitable for signing large numbers of invoices.

Where is the establishment’s private key stored?

The private key is kept in a secure environment it never leaves, and it is never sent with the invoice. What is sent with the invoice is only the signature and the public key. Accredited accounting systems handle storing and managing the key securely on behalf of the establishment.

Guides

Continue your learning journey

Explore the rest of Qoyod’s guides, or start applying what you’ve learned.

Live webinars hosted by the Qoyod team to help you use the software easily and answer your questions.

Discover Qoyod’s latest updates, ongoing improvements, and new features in one place.

Our team is ready to help you and provide instant support for any issue you face, around the clock.